Some Virus in FireFox Please Help

[badb0y]

Hey guys,

I downloaded some file from internet and executed it... (big mistake)

Now i am facing an annoying problem. When ever i open a .HTML file from my computer, the Firefox opens some sites itself (cam sites, ebook sites etc.) I scanned with Malwarebytes it didnt helped.

Another thing is that, this only happens with FireFox. I reset it, re-installed it, deleted my profile it didnt helped.

.HTML files open well in chrome and Internet Explorer.

I am using Windows 8, FireFox Nightly.

Please Help

Thank you.

[Pc_Madness]

Perhaps its a stupid question, but whats your Homepage set to in Firefox?

[badb0y]

no. the homepage is blank. but whenever i open some .html files saved on my hdd, it also open some other sites.. and redirects to somewhere else...

[+Eternal Tempest MVC]

Try defaulting firefox.

http://support.mozilla.org/en-US/kb/reset-firefox-easily-fix-most-problems

(Scroll down to see instructions towards bottom of the page).

[badb0y]

tried it already!

[The Evil Overlord]

have you tried uninstalling FF then opening the files with it uninstalled?

<edit, nevermind, just read op, says you did>

[+Eternal Tempest MVC]

tried it already!

Deleted and add-on and extensions?

If so, wondering of Windows Host File / DNS / DHCP settings been altered?

[badb0y]

okay heres another thing i just found..

for example, if the file name is "This is My Page.html" and if i open it in firefox, 4 tabs will open and it will look for This, is, my, page as sites in each tab...

I checked hosts file, nothing there. how to check DNS/ DHCP setting?

thanks

[+Warwagon MVC]

do a windows key + R then type firefox /p and create a new profile and use that and see if your issues go away. If they do then just export your favorites and go back to firefox / p and nuke your old profile.

[badb0y]

do a windows key + R then type firefox /p and create a new profile and use that and see if your issues go away. If they do then just export your favorites and go back to firefox / p and nuke your old profile.

didnt helped

[AdamLC]

I assume you checked to see if any extensions are there that shouldn't be?

Is firefox the only browser doing it?

[Hum]

Do you use System Restore -- is it turned on ?

You can try going back a few days before problems began.

[+BudMan MVC]

""This is My Page.html" and if i open it in firefox, 4 tabs will open and it will look for This, is, my, page as sites in each tab..."

So if your page was called one.html what happens

It opens up a second tab searching for site called one?

That doesn't sound like any sort of virus or malware - sounds like some sort of addon or something. Can you post a screen shot of this??

So when I open a html file in firefox it looks like this, only the 1 tab and address of the file I opened.. What does what your saying happen look like - post a screenshot!

[Detection]

If you downloaded a file and executed it, the problem is probably not with firefox, the problem is likely you have a virus

empty all temp folders, disable msconfig startup items, check registry run entries, reset IE, Run scans with > Spybot, Avast Boot time scan, malwarebytes, Hijack This

Also check the hosts file doesn't have a load of redirect entries

[badb0y]

So i opened a file "Funny 3 Words.htm" and this is i got :

in tab 1: file:///D:/Zzz/Funny

tab 2: http://www.****.com/Funny

tab 3: http://3/

tab 4:http://words.htm/

it starts searching for the each words of the file name and then sometimes redirects.

some times one tab redirects to some specific site ebook site or cam site.

I ran scan with comodo 2013, bitdefender 2013, malwarebytes and they found nothing. I cleaned registry, checked startup, hosts files, all seem good.

Unfortunately i have no restore points. And this happens with only FireFox. There are NO addons installed and no extra plugins

[Detection]

There is a guide here for battling a redirect virus

http://malwaretips.c...redirect-virus/

You might want to scan for rootkits too if normal AVs / malware scanners can't find anything

I think Kaspersky has a rescue boot disk capable of finding rootkits

What was the file you downloaded and ran ?

Have you checked simple things like programs and features to see if there is some adware / spyware crap installed ?

[+BudMan MVC]

Why would a virus do such a thing - makes NO sense.. Opening up sites that it wants, sure - opening sites to ads, ok..

But if you open a file and opens tabs with each word?? I highly doubt its redirecting anything, more like just seaching for the word or opening the domain what word matches up too. Sounds more like a bug with the file opening process to me.

So are you just clicking on these html files, or are you in firefox doing open file?

[Detection]

Why would a virus do such a thing - makes NO sense.. Opening up sites that it wants, sure - opening sites to ads, ok..

But if you open a file and opens tabs with each word?? I highly doubt its redirecting anything, more like just seaching for the word or opening the domain what word matches up too. Sounds more like a bug with the file opening process to me.

So are you just clicking on these html files, or are you in firefox doing open file?

I'm just going from OPs post saying: "When ever i open a .HTML file from my computer, the Firefox opens some sites itself (cam sites, ebook sites etc.)"

[badb0y]

okay, i followed everything on this page: http://malwaretips.com/blogs/remove-browser-redirect-virus/

but no luck

Also, this only happens when i open .html outside of browser. If i open any html file from file menu of browser then it opens normally. If i double click on any .html file than it opens in an unusual way redirecting and searching for file name words..

[Detection]

okay, i followed everything on this page: http://malwaretips.c...redirect-virus/

but no luck

Also, this only happens when i open .html outside of browser. If i open any html file from file menu of browser then it opens normally. If i double click on any .html file than it opens in an unusual way redirecting and searching for file name words..

Have you gone to the HTML files properties via right click and made sure Firefox is set as the default program to open them ?

[+primortal Subscriber²]

Does the same thing happen if you select IE as your default browser or right-click on the .html file and select IE? At least I would point to an OS issue vs. a Firefox one.

[LaP]

Open regedit and look for .html and .htm file extension shell options.

[+BudMan MVC]

What OS are you running? Did you already post that? XP, Vista, 7, 8? Some other windows - linux?

If only happens when you click on it or use open with in explorer, then sure it could be something wrong in the way the file is passed to firefox.. I like the idea of the test of using different browser to open the file the same way. I assume you have done this already since you stated it doesn't happen with other browsers. So are you using open with, or just doubleclicking and its using firefox as default to open html files. What if you change the association of html files to different browser so that if you double click them its opened in IE or Chrome, Opera, etc. What happens then?

If we know what OS your using it will help us pinpoint where the issue might be.

curious what your HKEY_CLASSES_ROOT\FirefoxHTML\shell\open\command

is?

For example mine is

"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1"

Do you happen to have maybe %2 %3 or something added to yours? Im going to edit mine to see if I can duplicate your issue. This is from a XP box btw.

[+Gary7 Subscriber²]

Remove Fx completely. Then do a thorough virus scan. Then re install Firefox. If you use system restore, delete all of your restore points as they will be infected.

[badb0y]

okay, I tried making chrome and IE my default browsers, everything works normal in IE and Chrome. I changed associations and tried on both, chrome and IE, everything works normal.

then again associated or not, theres problem with firefox.

I am using Windows 8